OneLogin Protect one-time password (OTP) mobile app delivers unparalleled usability. Available on major mobile platforms, OneLogin Protect lets users perform multi-factor authentication with the click of a button.
Secure access to your corporate VPN and WiFi, G Suite, Office 365, Salesforce.com, and thousands of cloud applications with a second authentication factor beyond user name and password. In the event that someone steals a user’s credentials, the addition of a one-time password token is a significant barrier to prevent intruder access. OneLogin Protect is available for Android, Android Wear, Apple iOS, and Apple watchOS.
OneLogin Protect’s OTP generator removes friction from multi factor authentication (MFA) by letting users simply respond to a push notification on their smartphone or watch during the login process. The OneLogin Protect OTP authentication passcode is sent through your phone to OneLogin where it is validated and then the user is logged in. If the user’s mobile device is not connected to the Internet, the user can enter the one-time password on the OneLogin App Portal. As soon as OneLogin receives a valid one-time password, the user is logged in.
First, users install the OneLogin Protect OTP mobile app, available on the Apple and, Android app stores. Then users sign into OneLogin App Portal and follow instructions to register their mobile app instance with their OneLogin account. Once registered, the user can provide a valid one-time password when signing into OneLogin.
OneLogin Protect’s OTP solution is based on RFC 6238 – A Time-Based One-Time Password Algorithm, which was designed by VeriSign, Symantec, and others. The RFC describes how two endpoints with synchronized clocks can exchange a secure one-time password based on the HMAC algorithm. One-time passwords are valid for 30 seconds, but the implementation of the algorithm is able to tolerate some time drift on the mobile device in order to increase reliability of the solution.